A conjugate self-organizing migration (CSOM) and reconciliate multi-agent Markov learning (RMML) based cyborg intelligence mechanism for smart city security

Ensuring the privacy and trustworthiness of smart city—Internet of Things (IoT) networks have recently remained the central problem. Cyborg intelligence is one of the most popular and advanced technologies suitable for securing smart city networks against cyber threats. Various machine learning and deep learning-based cyborg intelligence mechanisms have been developed to protect smart city networks by ensuring property, security, and privacy. However, it limits the critical problems of high time complexity, computational cost, difficulty to understand, and reduced level of security. Therefore, the proposed work intends to implement a group of novel methodologies for developing an effective Cyborg intelligence security model to secure smart city systems. Here, the Quantized Identical Data Imputation (QIDI) mechanism is implemented at first for data preprocessing and normalization. Then, the Conjugate Self-Organizing Migration (CSOM) optimization algorithm is deployed to select the most relevant features to train the classifier, which also supports increased detection accuracy. Moreover, the Reconciliate Multi-Agent Markov Learning (RMML) based classification algorithm is used to predict the intrusion with its appropriate classes. The original contribution of this work is to develop a novel Cyborg intelligence framework for protecting smart city networks from modern cyber-threats. In this system, a combination of unique and intelligent mechanisms are implemented to ensure the security of smart city networks. It includes QIDI for data filtering, CSOM for feature optimization and dimensionality reduction, and RMML for categorizing the type of intrusion. By using these methodologies, the overall attack detection performance and efficiency have been greatly increased in the proposed cyborg model. Here, the main reason of using CSOM methodology is to increase the learning speed and prediction performance of the classifier while detecting intrusions from the smart city networks. Moreover, the CSOM provides the optimized set of features for improving the training and testing operations of classifier with high accuracy and efficiency. Among other methodologies, the CSOM has the unique characteristics of increased searching efficiency, high convergence, and fast processing speed. During the evaluation, the different types of cyber-threat datasets are considered for testing and validation, and the results are compared with the recent state-of-the-art model approaches.

for developing an effective security systems.Hindy, et al. 38 deployed a machine learning based IDS framework for ensuring the security of IoT networks.In this system, the MQTT-IoT-IDS2020 dataset has been utilized to test the performance of this system.The purpose of this work was to categorize the normal and benign traffic by using 6 different types of machine learning techniques.According to this analysis, it is studied that the DT technique outperforms the other approaches with increased detection results.
Duraisamy, et al. 39 implemented a Krill-Herd (KH) optimization integrated Deep Learning Neural Network (DLNN) technique for improving the security of smart city networks.The KH was one of the most popular optimization technique extensively used for feature selection and dimensionality reduction.In addition to that, the min-max normalization mechanism was utilized to preprocess the given dataset.The key benefits of this work were increased detection accuracy, high level of security, and minimal time consumption.However, it has the following limitations: difficult to understand, reduced convergence rate, and complex mathematical calculations.Alsarhan, et al. 40 deployed a Support Vector Machine (SVM) classification technique for detecting intrusions in the Vehicular Ad-hoc Networks (VANETs).Here, three different types of optimization techniques such as Particle Swarm Optimization (PSO), Ant Colony Optimization (ACO), and Genetic Algorithm (GA) were separately used for selecting the most suitable technique.From this study, it is analyzed that the combination GA-SVM outperforms the other approaches with increased performance results.Also, it has the key benefits of reduced false positives, error rate, and better convergence speed.
Reference 41 integrated the federated learning model with the smart city application systems for improving its security and privacy.The focus of this work is to conduct a comprehensive review for analyzing the list of AIoT techniques for maximizing the network security.Bangui, et al. 42 presented a comprehensive survey for investigating the recent machine learning techniques used to develop an advanced IDS framework.It includes the popular mechanisms of Recurrent Neural Network (RNN), Game Theory, SVM, K-means, Self-Organizing Map (SOM), Logistic Regression (LR), and Random Forest (RF).Among other mechanisms, the RNN provides an increased detection accuracy and efficiency.Maseleno, et al. 43 deployed a Random Monarch Butterfly (RMB) optimization integrated RNN technique for protecting the smart society networks against the cyber-threats.During optimization, the migration and butterfly adjusting operators have been used to identify the best optimal solution with reduced number of iterations.Moreover, the attack detection performance of this system was validated and tested according to the parameters of detection level, f-measure, accuracy, and error rate.The primary advantages of this technique were capability of handling large dimensional datasets, reduced training and testing time.Table 1 reviews some of the recent state-of-the-art model techniques used for smart city security and intrusion detection 44 .
The motivations behind the proposed are given below: • To thoroughly investigate the research gaps in the linked devices of smart cities' network intrusion detection procedure.• To create a network intrusion detection system for smart cities that is more precise and effective.
• Developing the aforementioned mechanism in the framework of cyborg intelligence to gain from both machine and human intelligence.• To put into practice the proposed method of a specific dataset for evaluating the effectiveness of this mecha- nism.
• To evaluate the success rate of current machine learning techniques for network intrusion detection.
Therefore, the proposed work intends to develop a novel Cyborg intelligence mechanism for securing the smart city networks with reduced computational and time complexity.The major research objectives of this paper are as follows: • To design and develop a novel Cyborg intelligence based security model for protecting the smart city networks against the cyber-threats.• To normalize and preprocess the input cyber-threat datasets, the Quantized Identical Data Imputation (QIDI) mechanism is employed that effectively improves the quality of dataset by filtering the attributes.The other portions of this paper are organized into the followings: Section "Methods" presents the clear description about the proposed CSOM-RMML based Cyborg intelligence mechanism with its appropriate working flow and algorithms.The results of the proposed mechanism are validated and compared by using different datasets and parameters in Section "Results".At last, the entire paper is summarized with its findings, challenges, and future work in Section "Conclusion".

Methods
This section presents the clear description about the proposed Cyborg intelligence model for increasing the security of smart city systems.The original contribution of this work is to implement a novel optimization and classification techniques for designing a novel IDS framework to protect the smart city networks against the cyber-threats.The overall working flow of the proposed system is shown in Fig. 1, which includes the following stages: • Dataset Preprocessing and imputation • Feature Optimization Here, the different types of cyber-attack datasets are taken as the inputs for processing, which includes the UNSW-NB15, DS2OS, CICIDS-2017, BoT-IoTIDS 2020, and NSL-KDD.These are all the most popular benchmark datasets highly used in many application systems.At first, the Quantized Identical Data Imputation (QIDI) is used to preprocess the cyber-attack datasets by identifying the missing data vectors.Also, it helps to improve the overall quality of input for obtaining the maximum detection performance.After that, the Conjugate Self-Organizing Migration (CSOM) based optimization algorithm is implemented to choose the optimal number of features for classifier training and testing.The primary purpose of using this mechanism is to accurately detect the cyber-threats with increased computational efficiency.Consequently, the Reconciliate Multi-Agent Markov Learning (RMML) based classification methodology is used to predict and categorize the type of cyber-threat against the smart city networks.The key benefits of using the proposed CSOM-RMML based Cyborg intelligence mechanism are high security level, increased attack detection performance, easy to understand, and minimal complexity in computations.

Preprocessing.
For different types of data, different cleaning techniques are required.In machine learning, missing data must be treated with caution since it is more essential.There are two approaches to handle missing data, although both may produce information that is less than ideal: • Eliminating records with values that are missing: This is not the best course of action because it could result in the loss of information that could be instructive.• Using previous observations to impute the missing values: It is not ideal and could result in information loss because the value was initially missing but we added it.
In this stage, Quantized Identical Data Imputation (QIDI) mechanism is employed to preprocess the given cyber-threat datasets by normalizing the attributes.Here, the main purpose of using this preprocessing technique is to increase the quality of data by identifying the missing fields, and eliminating the irrelevant attributes.This preprocessed data helps to obtain an improved classification performance.Conventionally, the different types of filtering and normalization techniques are used in the existing works for dataset preprocessing.However, it has the problems of presence of noise, inconsistency, and error values.Therefore, the proposed work objects to employ a new QIDI mechanism for preprocessing the datasets, which has the key benefits of simple to understand, easy to implement, less time for processing, and high quality of data.During this process, the missing input data vector is generated at first, as shown in below: where, N indicates the number of features.After that, the distance is estimated for the individual features according to the weight vector by using the following equation: where, D i indicates the Euclidian distance between the input vector and weight vector i, x k = k is the element of current vector, n indicates the dimension of the input vector and w ik = k denotes the element of the weight vector i.Consequently, the mask value is estimated based on the input vector as shown in below: where, m k denotes the mask value.Then, the Best Identical Unit (BIU) is identified by adjusting the weight vector of the winner neuron.Hence, the BIU and its adjacent neurons are move closer to the input vectors in the space, which also helps to increase the agreement between the input and weight vectors.This adjustment is carried out by using the following model: where, w t indicates the element of weight vector, t is the time factor, η(t) is the learning rate, and h f is the neighborhood function.Consequently, the learning rate monotonically decreases with the number of iterations increased as represented in the following model: where, η 0 initial learning rate and T training length.After that, the quantization error is estimated by using the following model: where, N is the number of input vectors used to train the map, W ib prototype weight vector of the best matching unit of X i , and .denotes the Euclidean distance.Finally, the proportion of variance of a variable is predicted from other variable by using the following equation: where, x i indicates the observed value of i th features, y i represents the trained value of i th features, x ′ denotes the mean of observed value,y′ is the mean of the trained value, and n represents the number of observations.Based on this process, the given input cyber-threat dataset is preprocessed and the attributes are normalized.

Algorithm I -Quantized Identical Data Imputation (QIDI)
Input: Cyber-threat dataset Output:Preprocessed data; Step 1: Missing input data vector is initialized with number of features as represented in equ (1); Step 2:Then, the Euclidean distance is estimated according to the weight vector by using equ (2); Step 3:The mask value is computed for each column of feature as indicated in equ ( 4); Step 4: The Best Identical Unit (BIU) is identified by adjusting the weight vector of the winner neuron by using equ (5); Step 5:Consequently, the learning rate ( ) is decreased with the increase of number of iterations, as represented in equ ( 6); Step 6:The quantization error is also estimated according to the number of input vectors, and Euclidean distance value as shown in equ (7); Step 7:Finally, the proportion of variance is predicted with respect to the trained value, mean value, and number of observations as represented in equ ( 8); Feature optimization.Furthermore, we employed a feature optimization approach to reduce the input dimension through choosing the optimal feature subset.After imputation, the Conjugate Self-Organizing and Migration (CSOM) optimization algorithm is employed to optimally choose the features for classifier training and testing.In the existing smart city frameworks, various nature-inspired and bio-inspired optimization techniques are utilized for reducing the dimensionality of data and, improving the detection rate of classifier.Nevertheless, they have the major problems of reduced convergence speed, more number of iterations for reaching the optimal solution, high time consumption, and complex computations.Thus, the proposed work motivates to develop a novel and intelligent optimization technique for selecting the relevant features from the normalized cyber-threat datasets.It is motivated by the smart, successful, and cooperative behavior of population members who use numerous migration loops to find the problem's ideal, world-wide solution.A stochastic optimization technique that draws inspiration from the intelligence of creatures like birds and fish.The goal of the field of numerical optimization is to look for globally optimal solutions.In order to do that, the technique starts by creating a population of a certain number of people, each of whom is a potential solution to the issue.Through numerous migration loops, further solutions that were superior to the first ones based on rivalry and collaboration amongst these individuals, a crucial component of the swarm intelligent algorithm, are subsequently produced.Then it is continued until the algorithm's specified stop criteria are met.This mechanism encompasses the following operations: Setup parameters.At first, the setup parameters are initialized that includes the controlling parameters Num set , CPT , pop no , stopping parameters Mig , Dist m , and iteration count cnt m .
• Num set is a controlling parameter that defines the number of steps before the end of the movement.
• CPT is an another controlling parameter that determines that whether the individual population will move along the chosen coordinate to the leader.The possible value is 0.3; • pop no is a control parameter that is used to estimate the size of the individual population.Suggested value pop no > 10; • Migration ( Mig ) is a stopping parameter showing the maximum number of iterations.Suggested Mig > 10; • Dist m is a stopping parameter that is determined based on the value of goal function, which duplicates the average deviation among the three population leaders.The algorithm will come to a halt if this number is www.nature.com/scientificreports/less than the target value.Once the value is entered, the condition is verified as, if it is negative, the condition won't be satisfied, and the search will end once the allotted number of migration cycles has been reached.• cnt m is an iteration counter required to terminate the algorithm when it reaches the Migration number.
• Let cnt m =0; Generation of individual population.After that, the individual population is generated according to the coordinates, which are randomly generated x j within the interval of α j , β j as represented below: where, n is the number of iteration.
Migration loop.Consequently, the migration loop is executed, in which the leaders are selected at first according the best values.This selection is carried out after evaluating each individual by using the objective function.During this process, the population is sorted according to the target function in a non-decreasing order {x 1 , . . ., x pop no } .After that, the first three individuals are selected with respect to the lowest value of the objective function.For all individuals, two clones are created, which is an individual with the same coordinated as represented in below: End for; Moreover, the random number is created for each individual's coordinates, before they begin to travel in the direction of leader.Then, it is compared to the controlling parameter CPT as represented in below: Subsequently, all other individuals starts to move towards the leader, where the movement occurs in steps until the final destination on the iteration is reached with respect to the parameter Num set .It is estimated for the first leader by using the following model: Consequently, it is also estimated for the second and third leaders by using the following models: After all movements, the best step is identified for each individual (the step at which the value of the objective function is small), and the individual takes this location, assigning itself with the corresponding coordinate values, and moves to the next population.It is estimated for the first leader as shown in below: (8)  x j = α j + rand j [0, 1] β j − α j , j = 1, 2, . . ., n, for all k = 1, . . ., pop no (9)  x For the second and third leaders, the functions are calculated as follows: Convergence testing.Furthermore, the convergence speed of this optimization algorithm is validated by using the following model: ≥ Dist m and cnt m < Mig.If the above conditions are satisfied, the maximum number of migrations are not reached, then go to Step A; Otherwise, go to Step B: Step A: • Updating the population.
• Sort all individuals based on the non-decreasing objective function: Where P = 3 * pop no ; • Remove the last 2 * pop no + 1 3 * pop no individuals thus leaving only x 1 , . . ., x 2 3 * pop no .
• Generate 1 3 * pop no new individuals, where, k = 2 3 * pop no , . . ., pop no and j = 1, 2, . . ., n • Increase the iteration counter: Step B: • Refinement and stop criterion of algorithm; • Increase the Num set parameter and conduct a migration cycle for the second and third leaders relative to the first leader: Predict new leader position, Returning the best solution found during the search:

Reconciliate multi-agent Markov learning (RMML).
After feature selection, the novel technique, named as, Reconciliate Multi-Agent Markov Learning (RMML) is employed to predict and categorize the intrusion according to the selected features.It is a kind of machine learning mechanism mainly used for accurately predicting the cyber-threats against the smart city networks.In the existing works, the different types of machine learning techniques such as DT, RF, LR, SVM, KNN, and etc. are developed for developing an effective IDS security framework.Yet, it has the drawbacks of increased false alarm rate, error rate, complex to understand, high training and testing time.Hence, the proposed work intends to develop an advanced Cyborg intelligence mechanism by designing an optimization incorporated machine learning classification methodology, which helps to ensure the security of smart city networks against the cyber-threats.In the proposed work, the RMML based machine learning model is mainly used to predict the intrusion from the smart city networks.This algorithm is developed based on the conventional multi-agent markov decision technique, which is more suitable for handling the prediction problems.When compared to the other machine learning techniques, the proposed RMML has the primary advantages of low computational complexity, reduced time consumption, and high training speed.In the proposed technique, the probability density function is estimated for taking an accurate decisions while predicting intrusions from the intrusion data.Typically, the deep learning techniques consume more time for training and testing data samples, and also it follows some complex computational operations to obtain the best classification results.When comparing to the deep learning techniques, the machine learning techniques consume less time to provide the classified label.But, their accuracy and efficiency were not up to the mark.Hence, the proposed work aims to implement the novel and effective machine learning technique for intrusion identification and classification.In this model, the vector prediction, weight matrix formulation, coupling coefficient estimation, and probability density function estimation are performed to take an accurate decisions at the time of intrusion detection, which lowers the complexity of classification with ensured accuracy.Initially, the samples in i th label is represented as u i , and samples for the j th is considered as s j .After that, the vector prediction is performed by inferring all features in the layer i as represented in below: where, W ij is the transformation matrix which is connected to decision process, u i be the prediction vector for i th label, and B j indicates the bias of the j th label.After that, the prediction vector for the j th label is considered as vote, and the weight matrix is estimated according to the coupling coefficient as shown in below: where, Z ij is the dynamic coupling coefficient that is computed as follows: where, p ij indicates the probability that common features between i th label and j th label.Consequently, the prob- ability value is computed for each category of label by using the following equation: where, δ j obtained from voting is computed by the multiple iterations of the algorithm model training to update p ij .Moreover, the backpropagation function is used to optimize the network parameters with the interval of loss function as represented in below: where, c is the number of categories of the training samples, and I c is the indicator function as calculated below: where, m + indicates the upper bound correcting false positives, m − denotes the upper bound correcting false negatives, ϑ is the sale factor that adjust both upper and lower bounds, and class no is the total number of class.Based on the markov property and theory of probability of moving estimation, the discriminant for the sample corresponding to the category is estimated by using the following model: where, Pr(X|Y ) is the probability density function of the data, Pr(X) is the prior probability distribution of the each data of the particular category, and Pr(Y ) is the prior probability distribution of the each data of the any category.Then, the markov theory is computed in below: where, c denotes the sub category of each label, C indicates the number of class, and τ controlling parameter of the space term as represented in below: where, R is the random field of the normalization constant, and the potential function f c (x) is computed as follows: Furthermore, the probability density function is estimated as represented in below: where, x i is the i th sample, y i is the category of the i th sample and M is the total number of samples.Based on the Markov decision formula, the probability is obtained for the category of, Then, this probability function is converted into a negative algorithmic form, where the problem of probability maximization is transformed into the minimum value problem by using the following model: where, (a, b) is the Kronecker function, Pr y i |x i is the posterior probability of the output value from the neural network, and Pr y i is the prior probability of the category.It is calculated based on the proportion of the current category after each iteration and, used as the input value for the next iteration.Based on this model, the proposed classifier predicts and categorizes the type of cyber-threat with reduced training and testing time.

Results
This section validates and compares the performance and results of the proposed Cyborg intelligence mechanism used for ensuring the security of smart city networks.To test this security systems, the different types of cyberthreat datasets are utilized in this work, which includes the UNSW-NB 15, NSL-KDD, BoT-IoT IDS, DS2OS, and NSL-KDD.Moreover, the performance of the proposed optimization technique is also validated according to the number of iterations, best score, objective space, average fitness value, and searching history.In this study, the three distinct and well-known datasets UNSW-NB 15, BoT-IoT, and DS2OS are used for verifying and evaluating the proposed CSOM-RMML approach.Since these datasets are among the most recent and widely used in security application systems, they are also the most recent and popular public datasets.Additionally, it contains contemporary assaulting data that could be quite helpful for analyzing network attacks.These datasets are used by the proposed system to assess the performance and results of the system because of their emergence, popularity, and ease of accessible.Additionally, ToN-IoT, another current dataset, is employed in this study to assess the superiority of the suggested work.For large-scale application contexts like smart cities, IoT, IIoT, and others, the suggested datasets are appropriate.The results show that the suggested CSOM-RMML could handle these datasets with excellent accuracy and efficacy.As a result, it can handle very large intrusion datasets with superior performance and prediction rate.
Figure 2 shows the estimated benchmark testing function of the proposed CSOM optimization technique, then its corresponding searching history and average fitness value are shown in Figs. 3 and 4 respectively.Moreover, the best score obtained with respect to the varying number iterations is graphically represented in Fig. 5. Based on these results, it is analyzed that the proposed CSOM optimization technique provides an efficient results by finding the best optimal solution with reduced number of iterations.Due to the proper parameter setup and migration loop execution, the best optimal solution is effectively computed with increased convergence rate.
Figure 6a to e presents the generated confusion matrix of the proposed Cyborg intelligence mechanism for the different types of datasets.Typically, the confusion matrix is mainly used to validate the detection performance of the classifier.According to the improved values of TPR, the increased accuracy of classifier is determined.In this analysis, the confusion matrices are validated for all types of cyber-threat datasets.The estimated results prove ( 41) −1 if sample belongs to same category +1 otherwise .
(44)     where, TP -True Positives, TN -True Negatives, FP -False Positives, and FN -False Negatives.Among other parameters, the accuracy is considered as one of the key factor used to assess the detection efficiency of the classifier.It must be improved for ensuring the better system operations and performance.Figure 7 shows the accuracy of the conventional and proposed COSM-RMML attack detection approaches used for securing the smart city networks.The obtained results depict that the COSM -RMML technique overcomes the other approaches with increased accuracy.Similarly, the classification accuracy is estimated for the conventional 50 and proposed optimization integrated classification techniques according to the different types of classes of NSL-KDD dataset in Fig. 8.
In addition to that, the overall accuracy value is validated for the multi-objective optimization based classification techniques by using the NSL-KDD dataset.Based on the computed results, it is clearly illustrate that the proposed COSM -RMML technique provides an increased accuracy for all types of attacking classes, which is highly improved than the conventional approaches.Due to the proper feature identification, the classifier training and testing operations are enhanced, which supports to obtain the maximum accuracy during intrusion detection and classification.Accuracy of various optimization integrated classification technique in represented in Fig. 9. Figure 10 presents the overall performance analysis of the conventional and proposed classification based intrusion detection approaches.Here, the results are estimated in terms of accuracy, detection rate, False Alarm Rate (FAR), and f1-score.According to the results, it is evident that the combination COSM -RMML technique overwhelms the other approaches with improved performance results.
Consequently, the detection rate is validated for the state-of-the-art IDS mechanisms, and standard machine learning techniques 51  In addition to that, the elapsed time and CPU time of the conventional and proposed security approaches are validated and compared in Figs. 13 and 14 respectively.Here, the time analysis is performed according to the different types of attacking classes in the UNSW-NB 15 dataset.Typically, the time cost can vary for both training and testing operations of classifier that is highly proportional to the type of predicted class.For instance, the normal class has the largest proportion during training and testing, hence it takes an increased amount of time with low frequency of data.From the observed results, it is identified that the proposed COSM-RMML technique requires the reduced time cost, when compared to the conventional approach.Moreover, the accuracy of the standard machine learning and proposed classification models are validated by using UNSW-NB 15 dataset as shown in Fig. 15.Similarly, the overall performance results of the conventional and proposed COSM-RMML intrusion detection approaches are validated and compared by using DS2OS, UNSW-NB15, and CICIDS-2017 dataset as represented in Figs. 16, 17 and 18.Here, the results are estimated in terms of accuracy, precision, recall, and f1-score.For proving the superiority, the proposed security framework is validated and tested by using these DS2OS, UNSW-NB15 and CICIDS 2017 datasets.Depending on the type of attacking classes, the detection rate and accuracy of classifier can vary.From these results, it is evident that the combination of COSM-RMML has an increased capability to handle all kinds of datasets with improved performance outcomes.When compared to the other approaches, the results are highly increased in the COSM-RMML system, which illustrates the superiority and betterment of the proposed model.
Figure 19 validates the log loss value of the existing and proposed classification techniques for both DS2OS and UNSW-NB-15 datasets.Typically, the log loss value should be minimized for ensuring an accurate detection operations, because the increased loss value can degrade the performance of entire security model.Based on the estimated analysis, it is observed that the proposed COSM-RMML technique provides the reduced log loss value for both datasets by properly handing the input datasets.Furthermore, the FAR of the standard machine learning and proposed techniques are validated and compared by using the BoT-IoT IDS dataset as shown in Fig. 20.Due to the proper training and testing of features in the classifier, the FAR of the proposed classifier is effectively reduced, when compared to the other approaches.
In this study, several parameters including accuracy, detection rate, false alarm rate, f1-score and time consumption have been estimated for assessing the performance of the proposed model.For this validation, the distinct and more popular intrusion datasets are used in this work, which helps to evaluate the performance results of the proposed model.For the NSL-KDD dataset, the intrusion classification accuracy is increased to 99% with respect to the different types of attacks in the dataset.Similarly, the detection rate is improved up to 99.5% for the UNSW-NB 15 dataset with the accuracy of 99.6%.Moreover, the elapsed time is reduced to 0.2 s in the proposed system by using UNSW-NB 15 dataset.

Conclusion
In order to safeguard the networks of smart cities against cyber threats, this article introduces a new security paradigm based on cyborg intelligence.This work's key contribution is the creation of a low-complexity computational and economical intrusion detection framework for smart city security.Here, this security approach is put into practice using the most well-known and widely accessible benchmark datasets.The stages of data pretreatment and imputation, feature optimization, intrusion detection, and categorization are all included in this framework.In the beginning, the QIDI technique is used to carry out the data imputation and normalization procedures, where the identification of the missing fields and the removal of undesired attributes are carried out to provide

Figure 9 .
Figure 9. Accuracy of various optimization integrated classification technique.

Figure 12 .
Figure 12.Detection rate of various machine learning techniques using UNSW-NB 15 dataset.

Figure 15 .
Figure 15.Accuracy of machine learning classifiers using UNSW-NB dataset.

Table 1 .
Recent To optimally choose the features for training the classifier model, an intelligent and advanced Conjugate Self-Organizing Migration (CSOM) based optimization algorithm is developed.• To accurately predict the intrusion with its category, a novel Reconciliate Multi-Agent Markov Learning (RMML) based classification approach is implemented.• To test and validate the results and efficacy of the proposed CSOM-RMML mechanism, the different types of evaluation indicators are estimated.
state-of-the-art model analysis.In this study, an ensemble weighted average approach has been used to categorize the normal and intrusive events from the smart city networksComputational complexity and overfittingMachine learning modelHere, the different types of machine learning algorithms are implemented for intrusion detection High reliability, fast in process, and better prediction rate• www.nature.com/scientificreports/ that the combination of proposed CSOM-RMML based Cyborg intelligence mechanism provides an accurate predicted results by properly detecting intrusions and its appropriate classes.The accuracy, precision, recall, detection rate, and F1-score are mainly used to validate the detection results of classifier, which are estimated as follows: Vol.:(0123456789) Scientific Reports | (2023) 13:15681 | https://doi.org/10.1038/s41598-023-42257-0